diff options
author | ugen <ugen@FreeBSD.org> | 1995-02-17 15:44:08 +0000 |
---|---|---|
committer | ugen <ugen@FreeBSD.org> | 1995-02-17 15:44:08 +0000 |
commit | 825b23f4ea7a9ecdb1e0db892712e1c61d9fe08c (patch) | |
tree | 91174a15d0f18ffec0a24eba115907aaf001de58 /sbin | |
parent | d722999cd2925b85f776c88db4e503638f07d956 (diff) | |
download | FreeBSD-src-825b23f4ea7a9ecdb1e0db892712e1c61d9fe08c.zip FreeBSD-src-825b23f4ea7a9ecdb1e0db892712e1c61d9fe08c.tar.gz |
Finally document "via" feature..
Diffstat (limited to 'sbin')
-rw-r--r-- | sbin/ipfw/ipfw.8 | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index c7159e5..89dd0f3 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -58,11 +58,11 @@ This is <chain-entry pattern> structure: "dst" to "src"). The <proto/addr pattern> is: - all|icmp from <src addr/mask> to <dst addr/mask> - tcp|tcpsyn|udp from <src addr/mask> [ports] to <dst addr/mask> [ports] -all matches any IP packet. -icmp,tcp and udp - packets for corresponding protocols. -tcpsyn - tcp SYN packets (which used when initiating connection). + all|icmp from <src addr/mask> to <dst addr/mask> [via <addr>] + tcp[syn]|udp from <src addr/mask>[ports] to <dst addr/mask>[ports][via <addr>] + all matches any IP packet. + icmp,tcp and udp - packets for corresponding protocols. + tcpsyn - tcp SYN packets (which used when initiating connection). The <src addr/mask>: <INET IP addr | domain name> [/mask bits | :mask pattern] @@ -70,6 +70,10 @@ The <src addr/mask>: Mask pattern has form of IP address and AND'ed logically with address given. [ports]: [ port,port....|port:port] Name of service can be used instead of port numeric value. + +The via <addr> is optional and may specify IP address/name of one of local + IP interfaces to match only packets coming through it.The IP given is NOT + checked,and wrong value of IP causes entry to not match anything. To l[ist] command may be passed: f[irewall] | a[ccounting] to list specific chain or none to list |